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DETAILED ACTION 

1 . This Office Action is in response to the Amendment filed on 12/23/2008. 

2. In the instant Amendment, Claims 1-12 were previously canceled; Claims 13-15 have been 
amended; Claim 13 is independent claim. Claims 13-15 have been examined and are 
pending. This Action is made FINAL. 

Response to Arguments 

3. The objections to claims 13-15 are withdrawn as the claims have been amended. 

4. The rejections of claims 13-15 under 35 U.S. C. § 101 are withdrawn as the claims have 
been amended. 

5. The rejections of claims 13-15 under 35 U.S.C. § 1 12 second paragraph are withdrawn as 

the claims have been amended. 

6. Applicants' arguments with respect to claim 13-15, regarding the limitation "issuing N''^ 
CA information that includes an JSf^ CA certificate indicating that the Nth server certificate 
is valid and include an (N+l/^ address for update indicating a location of the (N+l)the 
download server, " have been fully considered but they are not persuasive. 

Applicants' arguments: 

a. Kenichi fails to disclose or suggest "issuing N*^ CA information that includes an 
Nth CA certificate indicating that the Nth server certificate is valid and include an 
(N+l/^ address for update indicating a location of the (N+l)the download 
server. " 
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The Examiner disagrees for the following reasons: 

a. Kenichi does disclose issuing N'* CA information that includes an Nth CA 

certificate indicating that the N'* server certificate is valid and include an (N+1)*'' 
address for update indicating a location of the (N+l)the download server (pars. 

0011, 0014, 0017, and 0220; Fig. 4; certification authority address information 
402; when the renewal program 102 of a certificate is started, according to the 
certificate authority address information 402 of the certificate 101, it will take 
connection 505 for the certificate authority 105 via a network). 

7. Applicants' arguments with respect to claims 13-15, regarding the limitation "starting up 

the (N+1)'^ authentication apparatus and the (N+l)the download server, " and 
"terminating the operation of the (N+1)''' download server, " have been considered but are 
moot in view of the new ground(s) of rejection. 



Priority 

8. Should apphcant desire to obtain the benefit of foreign priority under 35 U.S.C. 1 19(a)-(d), 
a certified English translation of the foreign apphcation must be submitted in reply to this 
action. 37 CFR 41.154(b) and 41.202(e). 

Failure to provide a certified translation may result in no benefit being accorded for 
the non-English application. 
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Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

10. This application currently names joint inventors. In considering patentability of the claims 
under 35 U.S.C. 103(a), the examiner presumes that the subject matter of the various 
claims was commonly owned at the time any inventions covered therein were made absent 
any evidence to the contrary. Applicant is advised of the obUgation under 37 CFR 1.56 to 
point out the inventor and invention dates of each claim that was not commonly owned at 
the time a later invention was made in order for the examiner to consider the applicability 
of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) prior art under 35 U.S.C. 
103(a). 

1 1 . Claims 13-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over Kenichi et 
al, (hereinafter "Kenichi"), J.P. Patent Publication No. JP 2002-215826 published on 
August 02, 2002, in view of Perlman et al., (hereinafter "Perlman"), U.S. Patent No. 
6,230,266 issued on May 08, 2001. 

• Regarding claim 13, Kenichi discloses a method of operating a communication 
system comprising (i) anN* authentication apparatus, (ii) an (N+ 1)* authentication 

apparatus, and an (N+ if^ download server, each being connected over a communication 
network, wherein N and (N+1) are values each indicating a number in a sequence in a case 
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where a plurality of authentication apparatuses and a plurality of corresponding download 
servers are sequentially put into operation, N being an integer of 1 or larger (pars. 0007 
and 0019-0020; Fig. 8; certificate authority A 801, certificate authority B 803, and 
computer 100), 

wherein the N**" authentication apparatus (Fig. 8, certificate authority A 801) 

includes: 

an Nth server certificate issue unit operable to issue an Nth server 
certificate ensuring validity of an apphcation server (pars. 0019-0023; certificate 804); and 

an Nth certificate authority (CA) information issue unit operable to issue 
Nth CA information including an Nth CA certificate and an (N+1)* address for update, the 
Nth CA certificate indicating that the Nth server certificate is valid, and the (N+l)^'' address 
for update indicating a location of the (N+ l)**" download server on the communication 
network (pars. 0007, 0011-0012, and 0014-0020; Figs. 4-9; certification authority address 
information 402), 

wherein the (N+ l)**" authentication apparatus (Fig. 8; certificate authority B 
803) includes: 

an (N+I)th server certificate issue unit operable to issue an (N+1)* server 
certificate ensuring the validity of the application server (Fig. 8; certificate authority B 
803); and 

an (N+ l)*** CA information issue unit operable to issue (N+ 1)^^ CA 
information including an (N+l)th CA certificate and an (N+2)th address for update, the 
(N+lf CA certificate indicating that the (N+1)* server certificate is valid, the (N+2)*^ 
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address for update indicating a location, on the communication network, of an (N+2)* 
download server on which (N+2)*'' CA information is placed, and the (N+2)'*' CA 
information including an (N+2)*'' CA certificate to be a next valid CA certificate in a case 
where the (N+lf CA certificate is becomes revoked (pars. 0007, 0011-0012, and 0014- 

0020; Figs. 4-9; certification authority address information 402; when the renewal 
program 102 of a certificate is started, according to the certificate authority address 
information 402 of the certificate 101, it will take connection 505 for the certificate 
authority 105 via a network), 

wherein the (N+ l)**" download server (Fig. 8; computer 100) includes: 
a CA information storage unit operable to store the (N+ 1)''' CA 

information including the (N+1)^ CA certificate to be a next valid CA certificate in a case 

where the Nth CA certificate becomes is revoked (pars. 0007, 0011-0012, and 0014-0020; 

Fig. 8; certificates 804 and 805 issued by CA 801 and CA 803 respectively are stored in 

hard disk of the computer 100); and 

an output unit operable to output, to a communication apparatus, the 

(N+l)*** CA information stored in the CA information storage unit, the communication 

apparatus being connected to the (N+ l)**" download server via the communication network 

(pars. 0007, 0011-0012, and 0014-0020; Fig. 8), and 

wherein said method comprises: 

starting up the N**" authentication apparatus to place the N^ authentication 
apparatus in operation to issue the Nth server certificate (pars. 0007, 0010-0014 and 0017- 
0020; Figs. 4-9); 
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issuing, via the N**" CA information issue unit of the Nth authentication 
apparatus, the N* CA information including (i) the N**" CA certificate indicating that the 
Nth server certificate is valid and (ii) the (N+ l)**" address for update indicating the location 
of the (N+ 1)*'' download server on the communication network (pars. 0010- 0014, and 

001 7-0220; Fig. 4; certification authority address information 402; when the renewal 
program 102 of a certificate is started, according to the certificate authority address 
information 402 of the certificate 101, it will take connection 505 for the certificate 
authority 105 via a network); 

Kenichi does not explicitly disclose after said starting up of the operation of the 
'H^ authentication apparatus, starting up the (N+ l)**" authentication apparatus and the (N+ 
1)'*' download server to place the (N+l)'*' authentication apparatus and the (N+l)'*' download 
server into operation, said starting up of the (N+ l)**" authentication apparatus and the (N+ 
l)**" download server taking place before a validity period of the Nth CA certificate expires; 
and terminating the operation of the (N+l)**" download server after the validity period of the 
N^ CA certificate expires. 

However, in an analogous art, Perlman discloses an authentication system, 
wherein after said starting up of the operation of the N*** authentication apparatus, starting 
up the (N+ l)*** authentication apparatus and the (N+ l)**" download server to place the 
(N+l)*** authentication apparatus and the (N+1)*'' download server into operation, said 
starting up of the (N+ 1)* authentication apparatus and the (N+ l)*** download server taking 
place before a validity period of the Nth CA certificate expires (Perlman: col. 3; lines 35- 
53; col. 7, lines 46-67 to col. 8, lines 1-24; begin using a new CA and OLRS, each of which 
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have new respective private/public key pairs that are different from those used by the CA 
and OLRS that are no longer being used); and 

terminating the operation of the (N+I)*^ download server after the validity period 
of the N**" CA certificate expires (Perlman: col. 3, lines 35-53; col. 7, lines 46-67 to col. 8, 
lines 1-24; if the CA is treated as if it has been compromised, in order to re-establish 
authentication system security it becomes necessary to (1) discontinue use of the current 
CA and OLRS, (2) begin using a new CA and OLRS, each of which have new respective 
private/public key pairs that are different from those used by the CA and OLRS that are no 
longer being used). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to combine the teaching of Perlman with the method and 
system of Kenichi to include steps of after said starting up of the operation of the N**" 
authentication apparatus, starting up the (N+ l)**" authentication apparatus and the (N+ 1)**" 
download server to place the (N+l)**" authentication apparatus and the (N+l)**" download 
server into operation, said starting up of the (N+ 1)* authentication apparatus and the (N+ 
1)"^ download server taking place before a vaUdity period of the Nth CA certificate expires; 
and terminating the operation of the (N+l)**" download server after the validity period of the 
N*** CA certificate expires to provide user with an authentication method that able to re- 
establish authentication system security after compromise of security information 
(Perlman: col. 1, lines 5-10). 
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• Regarding claim 14, Kenichi and Perlman disclose the method according to 
Claim 13. 

Perlman further discloses in said starting up of the (N+ 1)*'' download server, the 
(N+ 1)*** authentication apparatus and the (N+l)**" download server are put in operation, 

when the CA certificate is revoked (Perlman: col. 3; lines 35-58; col. 7, lines 46-67 to 
col. 8, lines 1-24; begin using a new CA and OLRS, each of which have new respective 
private/public key pairs that are different from those used by the CA and OLRS that are no 
longer being used). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to combine the teaching of Perlman with the method and 
system of Kenichi to include steps of in said starting up of the (N+ 1)"" download server, 
the (N+ 1)''^ authentication apparatus and the (N+l)'*' download server are put in operation, 
when the N**" CA certificate is revoked to provide user with an authentication method that 
able to re-establish authentication system security after compromise of security information 
(Perlman: col. 1, lines 5-10).. 

• Regarding claim 15, Kenichi and Perlman disclose the method according to 
Claim 13. 

Perlman further discloses terminating the operation of the Nth authentication 
apparatus and the operation of the (N+ l)**" download server when the validity period of the 
Nth CA certificate expires (Perlman: col. 3, lines 35-53; col. 7, lines 46-67 to col. 8, lines 
1-24; if the CA is treated as if it has been compromised, in order to re-establish 
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authentication system security it becomes necessary to (I) discontinue use of the current 
CA and OLRS, (2) begin using a new CA and OLRS, each of which have new respective 
private/public key pairs that are different from those used by the CA and OLRS that are no 
longer being used). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to combine the teaching of Perlman with the method and 
system of Kenichi to include steps of terminating the operation of the Nth authentication 
apparatus and the operation of the (N+ l)**" download server when the validity period of the 
Nth CA certificate expires to provide user with an authentication method that able to re- 
establish authentication system security after compromise of security information 
(Perlman: col. 1, lines 5-10). 



12. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office 
action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
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extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the 
advisory action. In no event, however, will the statutory period for reply expire later than 
SIX MONTHS from the mailing date of this final action. 

13. Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Luu Pham whose telephone number is 571-270-5002. The examiner 
can normally be reached on Monday through Friday, 7:30 AM - 5:00 PM (EST). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel L. Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this apphcation or proceeding is assigned is 571-273-8300. 

Information regarding the status of an apphcation may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status information 
for unpublished applications is available through Private PAIR only. For more information 
about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Elecfronic Business Center (EBC) at 866- 
217-9197 (toll-free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786-9199 (IN USA 
OR CANADA) or 571-272-1000. 

/Luu Pham/ 

Examiner, Art Unit 2437 



/Matthew B Smithers/ 

Primary Examiner, Art Unit 2437 



